1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3 * Copyright (C) 2023, STMicroelectronics - All Rights Reserved
4 */
5
6 #ifndef STM32_FIREWALL_DEVICE_H
7 #define STM32_FIREWALL_DEVICE_H
8
9 #include <linux/of.h>
10 #include <linux/platform_device.h>
11 #include <linux/types.h>
12
13 #define STM32_FIREWALL_MAX_EXTRA_ARGS 5
14
15 /* Opaque reference to stm32_firewall_controller */
16 struct stm32_firewall_controller;
17
18 /**
19 * struct stm32_firewall - Information on a device's firewall. Each device can have more than one
20 * firewall.
21 *
22 * @firewall_ctrl: Pointer referencing a firewall controller of the device. It is
23 * opaque so a device cannot manipulate the controller's ops or access
24 * the controller's data
25 * @extra_args: Extra arguments that are implementation dependent
26 * @entry: Name of the firewall entry
27 * @extra_args_size: Number of extra arguments
28 * @firewall_id: Firewall ID associated the device for this firewall controller
29 */
30 struct stm32_firewall {
31 struct stm32_firewall_controller *firewall_ctrl;
32 u32 extra_args[STM32_FIREWALL_MAX_EXTRA_ARGS];
33 const char *entry;
34 size_t extra_args_size;
35 u32 firewall_id;
36 };
37
38 #if IS_ENABLED(CONFIG_STM32_FIREWALL)
39 /**
40 * stm32_firewall_get_firewall - Get the firewall(s) associated to given device.
41 * The firewall controller reference is always the first argument
42 * of each of the access-controller property entries.
43 * The firewall ID is always the second argument of each of the
44 * access-controller property entries.
45 * If there's no argument linked to the phandle, then the firewall ID
46 * field is set to U32_MAX, which is an invalid ID.
47 *
48 * @np: Device node to parse
49 * @firewall: Array of firewall references
50 * @nb_firewall: Number of firewall references to get. Must be at least 1.
51 *
52 * Returns 0 on success, -ENODEV if there's no match with a firewall controller or appropriate errno
53 * code if error occurred.
54 */
55 int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *firewall,
56 unsigned int nb_firewall);
57
58 /**
59 * stm32_firewall_grant_access - Request firewall access rights and grant access.
60 *
61 * @firewall: Firewall reference containing the ID to check against its firewall
62 * controller
63 *
64 * Returns 0 if access is granted, -EACCES if access is denied, -ENODEV if firewall is null or
65 * appropriate errno code if error occurred
66 */
67 int stm32_firewall_grant_access(struct stm32_firewall *firewall);
68
69 /**
70 * stm32_firewall_release_access - Release access granted from a call to
71 * stm32_firewall_grant_access().
72 *
73 * @firewall: Firewall reference containing the ID to check against its firewall
74 * controller
75 */
76 void stm32_firewall_release_access(struct stm32_firewall *firewall);
77
78 /**
79 * stm32_firewall_grant_access_by_id - Request firewall access rights of a given device
80 * based on a specific firewall ID
81 *
82 * Warnings:
83 * There is no way to ensure that the given ID will correspond to the firewall referenced in the
84 * device node if the ID did not come from stm32_firewall_get_firewall(). In that case, this
85 * function must be used with caution.
86 * This function should be used for subsystem resources that do not have the same firewall ID
87 * as their parent.
88 * U32_MAX is an invalid ID.
89 *
90 * @firewall: Firewall reference containing the firewall controller
91 * @subsystem_id: Firewall ID of the subsystem resource
92 *
93 * Returns 0 if access is granted, -EACCES if access is denied, -ENODEV if firewall is null or
94 * appropriate errno code if error occurred
95 */
96 int stm32_firewall_grant_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id);
97
98 /**
99 * stm32_firewall_release_access_by_id - Release access granted from a call to
100 * stm32_firewall_grant_access_by_id().
101 *
102 * Warnings:
103 * There is no way to ensure that the given ID will correspond to the firewall referenced in the
104 * device node if the ID did not come from stm32_firewall_get_firewall(). In that case, this
105 * function must be used with caution.
106 * This function should be used for subsystem resources that do not have the same firewall ID
107 * as their parent.
108 * U32_MAX is an invalid ID.
109 *
110 * @firewall: Firewall reference containing the firewall controller
111 * @subsystem_id: Firewall ID of the subsystem resource
112 */
113 void stm32_firewall_release_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id);
114
115 #else /* CONFIG_STM32_FIREWALL */
116
117 int stm32_firewall_get_firewall(struct device_node *np, struct stm32_firewall *firewall,
118 unsigned int nb_firewall);
119 {
120 return -ENODEV;
121 }
122
stm32_firewall_grant_access(struct stm32_firewall * firewall)123 int stm32_firewall_grant_access(struct stm32_firewall *firewall)
124 {
125 return -ENODEV;
126 }
127
stm32_firewall_release_access(struct stm32_firewall * firewall)128 void stm32_firewall_release_access(struct stm32_firewall *firewall)
129 {
130 }
131
stm32_firewall_grant_access_by_id(struct stm32_firewall * firewall,u32 subsystem_id)132 int stm32_firewall_grant_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id)
133 {
134 return -ENODEV;
135 }
136
stm32_firewall_release_access_by_id(struct stm32_firewall * firewall,u32 subsystem_id)137 void stm32_firewall_release_access_by_id(struct stm32_firewall *firewall, u32 subsystem_id)
138 {
139 }
140
141 #endif /* CONFIG_STM32_FIREWALL */
142 #endif /* STM32_FIREWALL_DEVICE_H */
143